CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24482 – FactoryTalk® View Site Edition - Local Code Injection
https://notcve.org/view.php?id=CVE-2025-24482
28 Jan 2025 — A Local Code Injection Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect default permissions and allows for DLLs to be executed with higher level permissions. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1720.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24481 – FactoryTalk® View Site Edition - Incorrect Permission Assignment
https://notcve.org/view.php?id=CVE-2025-24481
28 Jan 2025 — An Incorrect Permission Assignment Vulnerability exists in the product and version listed above. The vulnerability is due to incorrect permissions being assigned to the remote debugger port and can allow for unauthenticated access to the system configuration. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1720.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7513 – Rockwell Automation FactoryTalk® View Site Edition Code Execution Vulnerability via File Permissions
https://notcve.org/view.php?id=CVE-2024-7513
14 Aug 2024 — CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD%201688.html • CWE-732: Incorrect Permission Assignment for Critical Resource •